Search Our Database

Installing an SSL Certificate via Terminal (Apache)

Last updated on |
by

Overview

This guide provides instructions on installing an SSL certificate on a server using command-line tools. SSL (Secure Sockets Layer) certificates encrypt data transferred between a user’s browser and the server, enhancing website security.

 

Prerequisites

  • Root or sudo access to the server.
  • The SSL certificate file, usually provided as
    .crt

    .

  • The private key file, usually
    .key

    .

  • Intermediate certificates (if provided by your CA).

 

Step-by-Step Guide

1. Upload Your Certificate Files and Access your server.

  • Securely upload your SSL certificate (.crt), private key (.key), and any intermediate certificates to your server or save in a notepad.
  • SSH into your server:
ssh user@<yourserver-IPaddress>

 

2. Locate Directory for SSL Certificates in Virtual Host

  • To locate the Directory for SSL Certificates, you may type in: 
    httpd -S
  • This command will display the Apache server configuration, including the paths to the SSL certificates for each virtual host.
    • A typical output snippet might look like this:
      SSLCertificateFile /etc/ssl/certs/my_certificate.crt
      SSLCertificateKeyFile /etc/ssl/private/my_private.key
  • Different servers may have varying paths for SSL certificates, so it is IMPORTANT to accurately determine the SSL certificate path in your virtual host configuration.

 

 

3. Upload new the SSL certificate, private key and CA certificate in path given in Virtual Host.

  • You can do a backup first on the old certificates by using the command below: 
    

    cp /etc/ssl/certs/my_certicate.crt /etc/ssl/certs/my_old_certificate.crt
    
cp /etc/ssl/certs/my_private.key /etc/ssl/certs/my_old_private.key
  • After done with the backup on old certificates, you can paste/edit all the NEW certificates and private key in the path given in Virtual Host: 
    

vim /etc/ssl/certs/my_certicate.crt
      
    

vim /etc/ssl/certs/my_private.key
  • Restart the apache service: 
    service httpd restart
OR
systemctl restart httpd

4. Test the Configuration

  • You can use online tools like SSL Labs’ SSL Test or SSL Checker.
  • If you encounter errors, check your configuration files for syntax errors and verify the paths to your SSL files.
  • Review server logs for specific error messages.

 

 

Conclusion

Installing an SSL certificate is a critical step in securing your website and protecting user data. Ensure you regularly update and renew your SSL certificates as required.

 

Related Article